<?php

/*
	Used in the project page.
*/

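/*
	Creates one note row in the project's table, then appends the new row id
	to the `points` row whose divID is 'note_start' and bumps its child count.

	POST input: zindex (numeric), author, body, color (yellow|green|blue),
	pname (project name; it is also used as the table name).
	Response body: the new row id, then "success" once per completed UPDATE.
	Rejected input and database failures answer "0"; details go to the error log.

	NOTE(review): no session, authorization or CSRF check is visible in this
	file - confirm that connect_to_database.php or the calling page enforces one.
	NOTE(review): the mysql_* API was removed in PHP 7.0. The connection is
	opened in connect_to_database.php, so it is kept here; moving both files to
	mysqli/PDO prepared statements is the durable fix.
*/

// Error reporting
error_reporting(E_ALL^E_NOTICE);

require_once("../functions/connect_to_database.php");

$allowedColors = array('yellow','green','blue');

// Checking whether all input variables are in place:
if(!isset($_POST['zindex'], $_POST['author'], $_POST['body'], $_POST['color'], $_POST['pname']))
	die("0");

// Array-valued fields (author[]=...) and an empty project name are rejected;
// the strict in_array() stops type juggling from matching a colour.
if(!is_numeric($_POST['zindex'])
	|| !is_string($_POST['author'])
	|| !is_string($_POST['body'])
	|| !is_string($_POST['pname'])
	|| $_POST['pname'] === ''
	|| !in_array($_POST['color'], $allowedColors, true))
	die("0");

if(ini_get('magic_quotes_gpc'))
{
	// If magic_quotes setting is on, strip the leading slashes that are automatically added to the string:
	$_POST['author']=stripslashes($_POST['author']);
	$_POST['body']=stripslashes($_POST['body']);
	$_POST['pname']=stripslashes($_POST['pname']);
}

// Escaping the input data:
// strip_tags() is not output encoding; whatever renders these rows should
// still HTML-encode them (the rendering code is not visible here).
$author = mysql_real_escape_string(strip_tags($_POST['author']));
$body = mysql_real_escape_string(strip_tags($_POST['body']));
$color = mysql_real_escape_string($_POST['color']);
$zindex = (int)$_POST['zindex'];

// Escaped for use as a quoted string value (projectName='...').
$project = mysql_real_escape_string($_POST['pname']);

// The same name is also used as a table identifier. mysql_real_escape_string()
// does not escape backticks, so a backtick in pname would end the quoted
// identifier; doubling it is the quoting rule for identifiers.
// NOTE(review): checking pname against the list of existing projects would be
// stricter still - confirm where that list lives.
$projectTable = str_replace('`', '``', $_POST['pname']);

$query = 'INSERT INTO `' . $projectTable . '` (text,name,color,xyz) VALUES ("'.$body.'","'.$author.'","'.$color.'","0x600x'.$zindex.'");';

/* Inserting a new record in the notes DB: */
$result = mysql_query($query);

// The statement text and the driver error stay out of the response: they
// disclose table and column names to whoever sent the request.
if(!$result){
	error_log('add note: INSERT failed: '.mysql_error());
	die("0");
}

// mysql_affected_rows() and mysql_insert_id() take a link identifier, not the
// boolean that mysql_query() returns for an INSERT; with no argument they use
// the last opened link.
if(mysql_affected_rows()!=1)
	die("0");

// Return the id of the inserted row:
$cardID = mysql_insert_id();
echo $cardID;

$query3 = "SELECT `divChildrenList` FROM `points` WHERE projectName='".$project."' AND divID = 'note_start'";
$result = mysql_query($query3);
if(!$result){
	error_log('add note: SELECT divChildrenList failed: '.mysql_error());
	die("0");
}

// Collect the stored child list(s) and append the new card id.
$array = array();
while ($row = mysql_fetch_assoc($result)) {
	$array[] = $row['divChildrenList'];
}
$array[] = $cardID;

// The list is read back from the database, so it is escaped again before it
// goes into the next statement (stored data is not trusted SQL text).
$start_list = mysql_real_escape_string(implode(",", $array));

$query1 = sprintf("UPDATE points SET divChildrenList='%s' WHERE projectName='%s' AND divID='note_start'",
					$start_list,$project);
$result = mysql_query($query1);

if(!$result){
	error_log('add note: UPDATE divChildrenList failed: '.mysql_error());
	die("0");
}
echo("success");

$query0 = sprintf("UPDATE points SET divChildren=divChildren +1 WHERE projectName='%s' AND divID='note_start'",$project);
$result = mysql_query($query0);

if(!$result){
	error_log('add note: UPDATE divChildren failed: '.mysql_error());
	die("0");
}
echo("success");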




?>
